Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Identifying Windows O/S & SP

from [Roger Dodger] Network Security [Permanent Link]
Subject: Re: Identifying Windows O/S & SP
Date: Wed, 24 Aug 2005 22:18:21 -0700 (PDT) 
How about trusty ol'Nmap

nmap -P0 -O -T Paranoid <ip address>

I didn't do a packet count but should avoid IDS in
paranoid mode...

Cheers,
RAC

----Original Message-----
From: L3wD [mailto:l3wd@earthlink.net] 
Sent: Wednesday, August 24, 2005 6:53 PM
To: pen-test@securityfocus.com
Subject: Identifying Windows O/S & SP

    I am looking for a method of correctly identifying
Windows O/S
Versions and Service Packs remotely. Here are my
restrictions:
- Performed Remotely (not in same broadcast domain)
- No Admin Rights on Remote Box
- No Username/Password on Remote Box
- VERY Few Packets Generated (excluding TCP 3-way
handshake)
- Ability to **AVOID** IDS Detection

    My preferences are for something that is command
line based, and can
be run from a Linux platform. I'll take something GUI
based or Windows
based if that is all there is. Multiple tools are
fine, as long as the
number of packets generated are very low.

    I've taken a look at Winfingerprint 0.6.2 with
only the Win32 OS
Version option selected, but it generates 70+ packets
which is too loud
for my purposes.



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Identifying Windows O/S & SP, Ivan .
Next by Date:  Software Proxys Anonymous, Mark Sec
Previous by Thread:  Re: Identifying Windows O/S & SP, ekamerling
Next by Thread:  Looking for Analysts in the Calgary, Alberta Canada - UI design workshop, Alfred Huger
Indexes:  [Date] [Thread] [Top] [All Lists]